<?php
/*
	CONTAINS ALL THE FUNCTIONS THE ADMINISTRATOR USES TO MANAGE THE SITE

"ap" stands for admin panel

displays all the bikes that exist in the database
so that one of them can be selected and edited
called from the page admin_panel.php */

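/**
 * Echo one <option> element per row of the `bike` table (id, brand, model).
 *
 * Reads no request data and returns nothing; the only output is the echoed
 * markup. Relies on a legacy mysql_* connection that is not opened in this
 * file (presumably by the including page - confirm).
 */
function ap_show_models()
{
	$data = mysql_query("SELECT * FROM bike");
	if ($data === false) {
		// Query failed: emit no options instead of handing false to mysql_fetch_array().
		return;
	}

	while ($info = mysql_fetch_array($data)) {
		// Stored text is HTML-encoded so a quote or tag inside a brand/model
		// cannot close the value='...' attribute or inject markup (stored XSS).
		// NOTE(review): the charset argument is left at PHP's default because
		// the page encoding is not visible here - confirm.
		$id = htmlspecialchars($info['id'], ENT_QUOTES);
		$brand = htmlspecialchars($info['brand'], ENT_QUOTES);
		$model = htmlspecialchars($info['model'], ENT_QUOTES);

		echo "<option value='$id'>$id $brand $model</option>";
	}
}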

/* registers a bike with all of its details
called from the page create_bike.php
*/
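/**
 * Insert a new row into `bike` from the posted form fields.
 *
 * Reads brand, model, color, price, year_of_make, photo_path and description
 * from $_POST, escapes each one for the quoted SQL context and runs the
 * INSERT. On a database error the script terminates via die().
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this function - confirm the calling page enforces them.
 */
function ap_bike_register(){
	$fields = array('brand', 'model', 'color', 'year_of_make', 'photo_path', 'description', 'price');
	$value = array();

	foreach ($fields as $field) {
		// A missing or non-string field becomes '' (the original produced the
		// same value, but with an undefined-index notice).
		$raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		$value[$field] = mysql_real_escape_string($raw);
	}

	$brand = $value['brand'];
	$model = $value['model'];
	$color = $value['color'];
	$year_of_make = $value['year_of_make'];
	$photo_path = $value['photo_path'];
	$description = $value['description'];
	$price = $value['price'];

	// NOTE(review): die(mysql_error()) sends the raw database error to the
	// browser; consider logging it and showing a generic message instead.
	mysql_query("
		INSERT INTO bike (brand, model, color, year_of_make, photo_path, description, price_per_day )
		VALUES ('$brand', '$model', '$color', '$year_of_make', '$photo_path', '$description',  '$price')") or die(mysql_error());
}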

/* places the bike's details in a form for editing
   called from the page admin_panel.php
*/
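/**
 * Echo an edit/delete form pre-filled with the bike selected in $_POST['choice'].
 *
 * The form posts to update_bikes.php. Nothing is echoed when the query fails
 * or no bike matches the posted id.
 */
function ap_manage_bike()
{
	// The id is interpolated into the query without quotes, so it is forced to
	// an integer; a raw POST value here would be a SQL injection point.
	$bike_id = isset($_POST['choice']) ? (int) $_POST['choice'] : 0;

	$data = mysql_query("SELECT * FROM bike WHERE id=$bike_id");
	if ($data === false) {
		return;
	}

	// Keep the last matching row, as the original loop did.
	$info = null;
	while ($row = mysql_fetch_array($data)) {
		$info = $row;
	}
	if ($info === null) {
		// Unknown id: the original rendered a form from undefined variables.
		return;
	}

	// NOTE(review): hard-coded localhost base URL - images will not resolve
	// for any client other than the server itself; confirm this is intended.
	$dir = "http://localhost/bike_rental/pics/bikes/";

	// HTML-encode every stored value before it is placed in an attribute or in
	// the textarea body, so stored text cannot break out of the markup.
	// NOTE(review): charset argument left at PHP's default; page encoding is
	// not visible here - confirm.
	$brand = htmlspecialchars($info['brand'], ENT_QUOTES);
	$model = htmlspecialchars($info['model'], ENT_QUOTES);
	$color = htmlspecialchars($info['color'], ENT_QUOTES);
	$price = htmlspecialchars($info['price_per_day'], ENT_QUOTES);
	$year_of_make = htmlspecialchars($info['year_of_make'], ENT_QUOTES);
	$photo_path = htmlspecialchars($info['photo_path'], ENT_QUOTES);
	$description = htmlspecialchars($info['description'], ENT_QUOTES);
	$complete_path = htmlspecialchars($dir . $info['photo_path'], ENT_QUOTES);

	// Markup fixes relative to the original: the stray comma after type='text'
	// on the price input is gone and the <img> tag is now closed.
	echo "<div class='ap_manage_bikes'>
			<form action='update_bikes.php' method='post'><br>
					  <input type='hidden' value='$bike_id' name='bike_id'>
				Brand:<input type='text' value='$brand' name='brand'><br>
				Model:<input type='text' value='$model' name='model'><br>
				Color:<input type='text' value='$color' name='color'><br>
				Price Per Day:<input type='text' value='$price' name='price'><br>
				Year of Make:<input type='text' value='$year_of_make' name='year_of_make'><br>
				Description:<textarea cols=40 rows=8 name='description'>$description</textarea><br>
				<img src='$complete_path'><br><br>
				Image Name:<input type='text' value='$photo_path' name='photo_path'><br><br>
				<input  class='apply_changes' type='submit' value='apply changes' name='submit'>
				<input type='submit' value='delete' name='delete'>
			</form>
		 </div>";
}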
	
	/* updates a bike's details,
	  or deletes all of a bike's details
	  called from the page update_bikes.php
	*/
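	/**
	 * Update or delete a `bike` row according to the posted form.
	 *
	 * $_POST['submit'] triggers the UPDATE and $_POST['delete'] triggers the
	 * DELETE; both are keyed on $_POST['bike_id']. A database error ends the
	 * script via die().
	 *
	 * NOTE(review): no authentication, authorization or CSRF check is visible
	 * in this function - confirm the calling page enforces them.
	 */
	function ap_update_delete_bikes()
	{
		$fields = array('bike_id', 'brand', 'model', 'color', 'price', 'year_of_make', 'photo_path', 'description');
		$value = array();

		// The original escaped only `brand`; every other field reached the SQL
		// text unmodified. All of them are escaped here, before either branch.
		foreach ($fields as $field) {
			$raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
			$value[$field] = mysql_real_escape_string($raw);
		}

		$bike_id = $value['bike_id'];
		$brand = $value['brand'];
		$model = $value['model'];
		$color = $value['color'];
		$price = $value['price'];
		$year_of_make = $value['year_of_make'];
		$photo_path = $value['photo_path'];
		$description = $value['description'];

		if (isset($_POST['submit'])) {
			// NOTE(review): die(mysql_error()) exposes the raw database error
			// to the browser; consider logging it instead.
			mysql_query("UPDATE bike SET brand='$brand',
				model='$model',
				color='$color',
				price_per_day='$price',
				year_of_make='$year_of_make',
				photo_path='$photo_path',
				description='$description'
				WHERE id='$bike_id'") or die(mysql_error());

			echo"You have successfully changed the data";
		}

		if (isset($_POST['delete'])) {
			mysql_query("DELETE FROM bike WHERE id='$bike_id'") or die(mysql_error());
			echo"You have successfully deleted a bike's entry";
		}
	}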
	
	/* displays all the users so that one can be selected
	  and, once selected, have his data
	  edited afterwards
	  called from the page admin_panel.php
	*/
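	/**
	 * Echo one <option> element per row of the `user` table.
	 *
	 * The option value is the username; the label shows the username in
	 * parentheses followed by last and first name. Reads no request data.
	 */
	function ap_show_users()
	{
		$data = mysql_query("SELECT * FROM user");
		if ($data === false) {
			// Query failed: emit no options instead of handing false to mysql_fetch_array().
			return;
		}

		while ($info = mysql_fetch_array($data)) {
			// Account fields are user-supplied text; encode them so they cannot
			// close the value='...' attribute or inject markup into the admin page.
			// NOTE(review): charset argument left at PHP's default; page
			// encoding is not visible here - confirm.
			$username = htmlspecialchars($info['username'], ENT_QUOTES);
			$last_name = htmlspecialchars($info['last_name'], ENT_QUOTES);
			$first_name = htmlspecialchars($info['first_name'], ENT_QUOTES);

			echo"<option value='$username'>($username) $last_name $first_name</option>";
		}
	}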
	
/*
places a user's details in a form for editing
called from the page manage_users.php
*/
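/**
 * Echo an edit/delete form pre-filled with the user named in $_POST['select'].
 *
 * The form posts to update_users.php. Nothing is echoed when the query fails
 * or no user matches.
 */
function ap_manage_users()
{
	// The posted username goes into a quoted SQL string, so it is escaped first.
	$selected = (isset($_POST['select']) && is_string($_POST['select'])) ? $_POST['select'] : '';
	$selected = mysql_real_escape_string($selected);

	$data = mysql_query("SELECT * FROM user WHERE username='$selected'");
	if ($data === false) {
		return;
	}

	// Keep the last matching row, as the original loop did.
	$info = null;
	while ($row = mysql_fetch_array($data)) {
		$info = $row;
	}
	if ($info === null) {
		// Unknown user: the original rendered a form from undefined variables.
		return;
	}

	// HTML-encode stored values before placing them in attributes.
	// NOTE(review): charset argument left at PHP's default; page encoding is
	// not visible here - confirm.
	$last_name = htmlspecialchars($info['last_name'], ENT_QUOTES);
	$first_name = htmlspecialchars($info['first_name'], ENT_QUOTES);
	$date_of_birth = htmlspecialchars($info['date_of_birth'], ENT_QUOTES);
	$username = htmlspecialchars($info['username'], ENT_QUOTES);

	// NOTE(review): the stored password column is echoed verbatim into a
	// visible text input. If that column holds cleartext passwords they should
	// be hashed (password_hash / password_verify) and never rendered; that
	// change has to be made together with the login and update code.
	$password = htmlspecialchars($info['password'], ENT_QUOTES);

	echo"<div class='ap_manage_bikes'>
			<form action='update_users.php' method='post'><br>
				Last Name:<input type='text' value='$last_name' name='last_name'><br>
				First Name:<input type='text' value='$first_name' name='first_name'><br>
				Date Of Birth:<input type='text' value='$date_of_birth' name='date_of_birth'><br>
				Username:<input type='text' value='$username' name='username'><br>
				Password:<input type='text' value='$password' name='password'><br>
				<input  class='apply_changes' type='submit' value='apply changes' name='submit'>
				<input type='submit' value='delete' name='delete'>
			</form>
		 </div>";
}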

	/* updates a user's details,
	  or deletes all of a user's details
	  called from the page update_users.php
	*/
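/**
 * Update or delete a `user` row according to the posted form.
 *
 * Does nothing unless $_POST['last_name'] is present. $_POST['submit']
 * triggers the UPDATE and $_POST['delete'] the DELETE, both keyed on the
 * posted username. A database error ends the script via die().
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this function - confirm the calling page enforces them.
 */
function ap_update_delete_users()
{
	if (!isset($_POST['last_name'])) {
		return;
	}

	// The original escaped only last_name; the other four fields reached the
	// SQL text unmodified, including in the DELETE branch.
	$fields = array('last_name', 'first_name', 'date_of_birth', 'username', 'password');
	$value = array();
	foreach ($fields as $field) {
		$raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		$value[$field] = mysql_real_escape_string($raw);
	}

	$last_name = $value['last_name'];
	$first_name = $value['first_name'];
	$date_of_birth = $value['date_of_birth'];
	$username = $value['username'];
	$password = $value['password'];

	if (isset($_POST['submit'])) {
		// The same posted username is used in SET and in WHERE, so this
		// statement cannot rename an account; it only rewrites the other columns.
		// NOTE(review): the password is written exactly as posted. If this
		// column is the login credential it should be stored as a
		// password_hash() value; that requires changing the login check too.
		mysql_query("UPDATE user SET last_name='$last_name',
			first_name='$first_name',
			date_of_birth='$date_of_birth',
			username='$username',
			password='$password'
			WHERE username='$username'") or die(mysql_error());
		echo"You have successfully changed the data";
	}

	if (isset($_POST['delete'])) {
		mysql_query("DELETE FROM user WHERE username='$username'") or die(mysql_error());
		echo"You have successfully deleted a client's entry";
	}
}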
/* displays all the brands contained in the database
  called from the page admin_panel.php
*/
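/**
 * Echo one <option> element per row of the `brands` table, ordered by brand.
 *
 * Reads no request data and returns nothing.
 */
function ap_show_brands()
{
	$data = mysql_query("SELECT * FROM brands ORDER BY brand ASC");
	if ($data === false) {
		// Query failed: emit no options instead of handing false to mysql_fetch_array().
		return;
	}

	while ($info = mysql_fetch_array($data)) {
		// Brand names are entered through a form; encode them so a quote or
		// tag cannot break the value='...' attribute or inject markup.
		// NOTE(review): charset argument left at PHP's default; page encoding
		// is not visible here - confirm.
		$brand = htmlspecialchars($info['brand'], ENT_QUOTES);
		echo "<option value='$brand'>$brand</option>";
	}
}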

/*
	adds a new brand name to the database
	called from the page manage_bike.php
*/
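/**
 * Insert the brand name posted in $_POST['add_brand'] into `brands`, then
 * redirect to admin_panel.php.
 *
 * Runs only when $_POST['add'] is present. A database error ends the script
 * via die(). After a successful insert the script stops once the Location
 * header has been sent.
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this function - confirm the calling page enforces them.
 */
function ap_add_brand()
{
	if (!isset($_POST['add'])) {
		return;
	}

	$add_brand = (isset($_POST['add_brand']) && is_string($_POST['add_brand'])) ? $_POST['add_brand'] : '';
	$add_brand = mysql_real_escape_string($add_brand);

	mysql_query("INSERT INTO brands (brand) VALUES ('$add_brand')") or die(mysql_error());

	header("Location: admin_panel.php");
	// Stop here: without exit the rest of the calling page keeps executing and
	// its output is still sent alongside the redirect.
	exit;
}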


/*
places the orders' details in forms for editing
called from the page manage_users.php
*/

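/**
 * Echo one edit/delete form per order belonging to the user named in
 * $_POST['select'].
 *
 * Each form posts to update_users.php. Nothing is echoed when the query
 * fails or the user has no orders.
 */
function ap_manage_orders()
{
	// The posted username goes into a quoted SQL string, so it is escaped first.
	$selected = (isset($_POST['select']) && is_string($_POST['select'])) ? $_POST['select'] : '';
	$selected = mysql_real_escape_string($selected);

	$data = mysql_query("SELECT * FROM orders WHERE username='$selected'");
	if ($data === false) {
		return;
	}

	while ($info = mysql_fetch_array($data)) {
		// The original wrote these values into unquoted attributes, where a
		// space alone is enough to start a new attribute. They are now
		// HTML-encoded and the attributes are quoted.
		// NOTE(review): charset argument left at PHP's default; page encoding
		// is not visible here - confirm.
		$id = htmlspecialchars($info['id'], ENT_QUOTES);
		$username = htmlspecialchars($info['username'], ENT_QUOTES);
		$bike_id = htmlspecialchars($info['bike_id'], ENT_QUOTES);
		$date_from = htmlspecialchars($info['date_from'], ENT_QUOTES);
		$date_to = htmlspecialchars($info['date_to'], ENT_QUOTES);
		$total_price = htmlspecialchars($info['total_price'], ENT_QUOTES);

		echo"<div class='orders'>
				<form action='update_users.php' method='post'>
						Order Number:<input type='text' value='$id' name='id'><br>
						Username:<input type='text' value='$username' name='username'><br>
						Bike id:<input type='text' value='$bike_id' name='bike_id'><br>
						Date From:<input type='text' value='$date_from' name='date_from'>
						Date To:<input type='text' value='$date_to' name='date_to'><br>
						Total Price(Euros):<input type='text' value='$total_price' name='total_price'><br>
						<input type='submit' value='Update'  class='apply_changes' name='update'>
						<input type='submit' value='Delete' name='delete'>
			     </form>
			 </div>";
	}
}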



	/* updates the orders' details,
	  or deletes all of an order's details
	  called from the page update_users.php
	*/


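/**
 * Update or delete an `orders` row according to the posted form.
 *
 * Does nothing unless $_POST['id'] is present. $_POST['update'] triggers the
 * UPDATE and $_POST['delete'] the DELETE, both keyed on the posted id. A
 * database error ends the script via die().
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this function - confirm the calling page enforces them.
 */
function ap_update_delete_orders()
{
	if (!isset($_POST['id'])) {
		return;
	}

	// The original escaped only `id`, and only inside the update branch, so a
	// delete-only request used the raw id in its SQL. Every field is escaped
	// here, before either branch runs.
	$fields = array('id', 'username', 'bike_id', 'date_from', 'date_to', 'total_price');
	$posted = array();
	$value = array();
	foreach ($fields as $field) {
		$posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
		$value[$field] = mysql_real_escape_string($posted[$field]);
	}

	$id = $value['id'];
	$username = $value['username'];
	$bike_id = $value['bike_id'];
	$date_from = $value['date_from'];
	$date_to = $value['date_to'];
	$total_price = $value['total_price'];

	if (isset($_POST['update'])) {
		// SET id and WHERE id use the same posted value, so the order number
		// itself is never changed by this statement.
		mysql_query("UPDATE orders SET id='$id',
			username='$username',
			bike_id='$bike_id',
			date_from='$date_from',
			date_to='$date_to',
			total_price='$total_price'
			WHERE id='$id'") or die(mysql_error());

		echo"You have successfully changed the data";
	}

	if (isset($_POST['delete'])) {
		if (mysql_query("DELETE FROM orders WHERE id='$id'")) {
			// The username shown comes straight from the request, so it is
			// HTML-encoded (from the unescaped-for-SQL copy) before being echoed.
			echo"You have successfully deleted an order from " . htmlspecialchars($posted['username'], ENT_QUOTES);
		} else {
			die(mysql_error());
		}
	}
}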
?>